8015 matches found
CVE-2024-56199 phpMyFAQ Vulnerable to Stored HTML Injection at FAQ
phpMyFAQ is an open source FAQ web application. Starting no later than version 3.2.10 and prior to version 4.0.2, an attacker can inject malicious HTML content into the FAQ editor at http://localhost/admin/index.php?action=editentry, resulting in a complete disruption of the FAQ page's user...
CVE-2024-56199 phpMyFAQ Vulnerable to Stored HTML Injection at FAQ
phpMyFAQ is an open source FAQ web application. Starting no later than version 3.2.10 and prior to version 4.0.2, an attacker can inject malicious HTML content into the FAQ editor at http://localhost/admin/index.php?action=editentry, resulting in a complete disruption of the FAQ page's user...
New "DoubleClickjacking" Exploit Bypasses Clickjacking Protections on Major Websites
Threat hunters have disclosed a new "widespread timing-based vulnerability class" that leverages a double-click sequence to facilitate clickjacking attacks and account takeovers in almost all major websites. The technique has been codenamed DoubleClickjacking by security researcher Paulos Yibelo...
The vulnerability of the SAP GUI graphical user interface for Windows lies in the insufficient protection of operational data, allowing an intruder to gain unauthorized access to protected information.
The vulnerability of the SAP GUI graphical user interface for Windows relates to the display of a password used to access the SAP system. This vulnerability stems from insufficient protection of administrative data. Exploiting this vulnerability could allow an intruder to gain unauthorized access...
PT-2025-6725 · Ibm · Ibm Qradar Siem
Name of the Vulnerable Software and Affected Versions: IBM QRadar SIEM version 7.5 Description: The issue allows a privileged user to embed arbitrary JavaScript code in the Web UI, potentially altering the intended functionality and leading to credentials disclosure within a trusted session. This...
The vulnerability of Firefox browser, related to improper limitation of the number of user interface layers or frames displayed, allows attackers to perform spoofing attacks.
The vulnerability of Firefox browsers is related to improper limitation of the number of user interface layers or frames that can be displayed. Exploiting this vulnerability allows a remote attacker to perform spoofing attacks...
[SECURITY] Fedora 41 Update: jupyterlab-4.3.3-1.fc41
JupyterLab is the next-generation user interface for Project Jupyter offering all the familiar building blocks of the classic Jupyter Notebook notebook, terminal, text editor, file browser, rich outputs, etc. in a flexible and powerful user interface...
[SECURITY] Fedora 40 Update: jupyterlab-4.3.3-1.fc40
JupyterLab is the next-generation user interface for Project Jupyter offering all the familiar building blocks of the classic Jupyter Notebook notebook, terminal, text editor, file browser, rich outputs, etc. in a flexible and powerful user interface...
Malicious code in tiktok-ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 50583d9b69442a311dc38ffa7bb2a8d8f476b282ed859fa472dafd4672205809 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
[SECURITY] Fedora 40 Update: jupyterlab-4.3.2-1.fc40
JupyterLab is the next-generation user interface for Project Jupyter offering all the familiar building blocks of the classic Jupyter Notebook notebook, terminal, text editor, file browser, rich outputs, etc. in a flexible and powerful user interface...
[SECURITY] Fedora 41 Update: jupyterlab-4.3.2-1.fc41
JupyterLab is the next-generation user interface for Project Jupyter offering all the familiar building blocks of the classic Jupyter Notebook notebook, terminal, text editor, file browser, rich outputs, etc. in a flexible and powerful user interface...
Moderate: Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.5 Product Security and Bug Fix Update
An update is now available for Red Hat Ansible Automation Platform 2.5 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
PT-2025-12812 · Trend Micro · Trend Micro Apex One
Name of the Vulnerable Software and Affected Versions: Trend Micro Apex One affected versions not specified Description: A local attacker could bypass existing security and execute arbitrary code on affected installations by exploiting a vulnerability in the Trend Micro Apex One Security Agent...
CVE-2024-52901
IBM InfoSphere Information Server 11.7 could allow an authenticated user to GUI to not load or stop working due to improper input validation...
CVE-2024-52901
CVE-2024-52901 affects IBM InfoSphere Information Server 11.7. The root cause is improper input validation that can cause the GUI to fail to load or stop working for an authenticated user. Affected product: InfoSphere Information Server (11.7). Impact: authenticated user GUI disruption (availabil...
CVE-2024-54503
An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 18.2 and iPadOS 18.2. Muting a call while ringing may not result in mute being enabled...
CVE-2024-54503
An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 18.2 and iPadOS 18.2. Muting a call while ringing may not result in mute being enabled...
IBM InfoSphere Information Server 安全漏洞
IBM InfoSphere Information Server is a set of data integration platforms from International Business Machines IBM. The platform can be used to integrate data information obtained from various sources. An input validation error vulnerability exists in IBM InfoSphere Information Server version 11.7...
HUAWEI HarmonyOS和EMUI 安全漏洞
Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scene distributed operating system based on a microkernel.Huawei EMUI is an emotional operating system developed by Huawei based on Android Android. A denial of service vulnerability exists in Huawei...
Huawei HarmonyOS 安全漏洞
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in the Huawei HarmonyOS UIExtension module, which can be exploited by attackers to compromise confidentiality...